North American Network Operators Group
Re: a record?
- From: Gadi Evron
- Date: Mon Nov 14 18:25:00 2005
Jeroen Massar wrote:
Not to start a huge pointless discussion, but I have a few thoughts on this:
Gadi Evron wrote:
Other solution: disable IPv4 SSH and enable the IPv6 one, no scanning on
that plane ;)
Enjoy scanning, even I and I guess the rest of this list will be long
time retired and sipping pina coladas and other good stuff (hot
chocolate milk with whipped cream and Baileys anyone? :) in Hawaii or some
other heavenly place the day that the hardware and pipes are available
to scan a single /64 efficiently.
It's easier & faster to Google or use logs* for working hosts ;)
* = maybe RFC3041 does have a use as that makes these IPs 'random' and
thus sort of useless unless one attacks directly...
You don't have to scan an entire /64 ( :) ).
You can sniff network traffic and see what IP addresses you see, then
scan only close ranges to those.
You can create a DB or download one, with addresses of known used spaces.
You can throw out thousands of random packets, finding used spaces.
You can do a lot of things, some smarter and mathematical, others just
sensible. If I could come up with 3 silly solutions in 2 seconds, I bet
the Bad Guys will do far better when the time comes, if it ever does. I
am of a mind that we need IPv-NEXT-ONE (or whatever) to deal with actual
problems before we undertake IPv6, but that's just an opinion and
therefore completely wrong.
Don't count any of today's trouble out.. even if we all did use IPv6.
Besides, with IPv6 it is my understanding we will have far larger issues
to contend with.